The availability of a multitude of data sources has naturally increased the need for subjects to collaborate for supporting distributed computations that combine different data collections for their elaboration and analysis. Due to the quick pace at which datasets grow, often the authorities collecting and owning such datasets resort to external third parties (e.g., cloud providers) for their storage and management. Data un- der the control of different authorities are autonomously encrypted (using different encryption schemes and keys) for their external storage. This makes distributed computations combining these sources dif- ficult to support. In this paper, we propose an approach enabling collaborative computations over data encrypted in storage, selectively involving also subjects that might not be authorized for accessing the data in plaintext when their collaboration is considered economically convenient. We also consider the possible adoption of trusted hardware components, to enable the evaluation of operations over plain- text data at non-fully trusted computational providers. The experimental results confirm the economic benefits that can be enabled by our proposal.
Distributed query execution under access restrictions / S. De Capitani di Vimercati, S. Foresti, S. Jajodia, G. Livraga, S. Paraboschi, P. Samarati. - In: COMPUTERS & SECURITY. - ISSN 0167-4048. - 127:(2023 Apr), pp. 103056.1-103056.18. [10.1016/j.cose.2022.103056]
Distributed query execution under access restrictions
S. De Capitani di Vimercati
Primo
;S. ForestiSecondo
;G. Livraga;P. Samarati
Ultimo
2023
Abstract
The availability of a multitude of data sources has naturally increased the need for subjects to collaborate for supporting distributed computations that combine different data collections for their elaboration and analysis. Due to the quick pace at which datasets grow, often the authorities collecting and owning such datasets resort to external third parties (e.g., cloud providers) for their storage and management. Data un- der the control of different authorities are autonomously encrypted (using different encryption schemes and keys) for their external storage. This makes distributed computations combining these sources dif- ficult to support. In this paper, we propose an approach enabling collaborative computations over data encrypted in storage, selectively involving also subjects that might not be authorized for accessing the data in plaintext when their collaboration is considered economically convenient. We also consider the possible adoption of trusted hardware components, to enable the evaluation of operations over plain- text data at non-fully trusted computational providers. The experimental results confirm the economic benefits that can be enabled by our proposal.File | Dimensione | Formato | |
---|---|---|---|
COSE-D-22-00532R1.pdf
accesso aperto
Tipologia:
Pre-print (manoscritto inviato all'editore)
Dimensione
504.61 kB
Formato
Adobe PDF
|
504.61 kB | Adobe PDF | Visualizza/Apri |
1-s2.0-S0167404822004485-main.pdf
accesso aperto
Descrizione: Article
Tipologia:
Publisher's version/PDF
Dimensione
2.89 MB
Formato
Adobe PDF
|
2.89 MB | Adobe PDF | Visualizza/Apri |
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.